[Lxc-users] trouble with remote mounts, ssh and ftp clients from inside container behind private bridge & NAT
Whit Blauvelt
whit at transpect.com
Sat Nov 10 01:07:26 UTC 2012
> > You mounted NFS on the host, and then tried to bind it to the guest? Didn't
> > work?
>
> Right. As I recall, the system exploded. Or at least did not work
> properly after that. Hung on file access, maybe. It was painful
> enough that I've purged the incident from memory, and just
> avoid nfs inside lxc.
Hmm. Looking here:
https://help.ubuntu.com/12.04/serverguide/lxc.html
when using lxc in Ubuntu, it looks like Apparmor steps all over it,
particularly when it comes to mounting. Ubuntu even has Apparmor as an lxc
dependency, so if you remove Apparmor it takes lxc with it.
I'm going to have to follow the instructions there to make lxc "unconfined."
Having a feature designed to break things, on the assumption that
right-thinking people just shouldn't want to do those things anyway, is bad
design. Especially when it's linked to an experimental feature like lxc,
which people should want to explore to discover its unconfined best uses
before deciding which aspects of it to lock down.
Whit
More information about the lxc-users
mailing list